pkg:Go/github.com/theupdateframework/go-tuf/v2
8 total CVEsHIGH2MEDIUM6
✅ Check your installed version
All known vulnerabilities
- HIGH7.5CVE-2024-47534Incorrect delegation lookups can make go-tuf download the wrong artifact in github.com/theupdateframework/go-tuffrom 0, < 2.0.1
- HIGH7.5CVE-2024-47534Incorrect delegation lookups can make go-tuf download the wrong artifact in github.com/theupdateframework/go-tuffrom 0, < 2.0.1
- MEDIUM5.9CVE-2026-23992Improper validattion of configured threshold for delegations in github.com/theupdateframework/go-tuffrom 0, < 2.3.1
- MEDIUM5.9CVE-2026-23992Improper validattion of configured threshold for delegations in github.com/theupdateframework/go-tuffrom 0, < 2.3.1
- MEDIUM5.9CVE-2026-23991Client DoS via malformed server response in github.com/theupdateframework/go-tuffrom 0, < 2.3.1
- MEDIUM5.9CVE-2026-23991Client DoS via malformed server response in github.com/theupdateframework/go-tuffrom 0, < 2.3.1
- MEDIUM4.7CVE-2026-24686Path traversal in TAP 4 multirepo client allows arbitrary file write via repo names in github.com/theupdateframework/go-tuffrom 0, < 2.4.1
- MEDIUM4.7CVE-2026-24686Path traversal in TAP 4 multirepo client allows arbitrary file write via repo names in github.com/theupdateframework/go-tuffrom 0, < 2.4.1